QUESTION 6Case Study 2 – Coho WineryLabelMaker appCoho Winery produces bottles, and distributes a variety of wines globally. You are developer implementing highly scalable and resilient applications to support online order processing by using Azure solutions.Coho Winery has a LabelMaker application that prints labels for wine bottles. The application sends data to several printers. The application consists of five modules that run independently on virtual machines (VMs). Coho Winery plans to move the application to Azure and continue to support label creation.External partners send data to the LabelMaker application to include artwork and text for custom label designs.DataYou identify the following requirements for data management and manipulation: Order data is stored as nonrelational JSON and must be queried using Structured Query Language (SQL). Changes to the Order data must reflect immediately across all partitions. All reads to the Order data must fetch the most recent writes.You have the following security requirements: Users of Coho Winery applications must be able to provide access to documents, resources, and applications to external partners. External partners must use their own credentials and authenticate with their organization’s identity management solution. External partner logins must be audited monthly for application use by a user account administrator to maintain company compliance. Storage of e-commerce application settings must be maintained in Azure Key Vault. E-commerce application sign-ins must be secured by using Azure App Service authentication and Azure Active Directory (AAD). Conditional access policies must be applied at the application level to protect company content The LabelMaker applications must be secured by using an AAD account that has full access to all namespaces of the Azure Kubernetes Service (AKS) cluster.LabelMaker appAzure Monitor Container Health must be used to monitor the performance of workloads that are deployed to Kubernetes environments and hosted on Azure Kubernetes Service (AKS).You must use Azure Container Registry to publish images that support the AKS deployment.

Calls to the Printer API App fail periodically due to printer communication timeouts.Printer communications timeouts occur after 10 seconds. The label printer must only receive up to 5 attempts within one minute.The order workflow fails to run upon initial deployment to Azure.Order json.Relevant portions of the app files are shown below. Line numbers are included for reference only.This JSON file contains a representation of the data for an order that includes a single item.Order .json

Drag and Drop QuestionYou need to deploy a new version of the LabelMaker application.Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.NOTE: Each correct selection is worth one point.

Answer:

Explanation:Step 1: Build a new application image by using dockerfileStep 2: Create an alias if the image with the fully qualified path to the registryBefore you can push the image to a private registry, you’ve to ensure a proper image name. This can be achieved using the docker tag command. For demonstration purpose, we’ll use Docker’s hello world image, rename it and push it to ACR.# pulls hello-world from the public docker hub$ docker pull hello-world# tag the image in order to be able to push it to a private registry$ docker tag hello-word <REGISTRY_NAME>/hello-world# push the image$ docker push <REGISTRY_NAME>/hello-worldStep 3: Log in to the registry and push imageIn order to push images to the newly created ACR instance, you need to login to ACR form the Docker CLI. Once logged in, you can push any existing docker image to your ACR instance.Scenario:Coho Winery plans to move the application to Azure and continue to support label creation.LabelMaker appAzure Monitor Container Health must be used to monitor the performance of workloads that are deployed to Kubernetes environments and hosted on Azure Kubernetes Service (AKS).You must use Azure Container Registry to publish images that support the AKS deployment.References:https://thorsten-hans.com/how-to-use-a-private-azure-container-registry-with-kubernetes-9b86e67b93b6https://docs.microsoft.com/en-us/azure/container-registry/container-registry-tutorial-quick-task

QUESTION 7Case Study 2 – Coho WineryLabelMaker appCoho Winery produces bottles, and distributes a variety of wines globally. You are developer implementing highly scalable and resilient applications to support online order processing by using Azure solutions.Coho Winery has a LabelMaker application that prints labels for wine bottles. The application sends data to several printers. The application consists of five modules that run independently on virtual machines (VMs). Coho Winery plans to move the application to Azure and continue to support label creation.External partners send data to the LabelMaker application to include artwork and text for custom label designs.DataYou identify the following requirements for data management and manipulation: Order data is stored as nonrelational JSON and must be queried using Structured Query Language (SQL). Changes to the Order data must reflect immediately across all partitions. All reads to the Order data must fetch the most recent writes.You have the following security requirements: Users of Coho Winery applications must be able to provide access to documents, resources, and applications to external partners. External partners must use their own credentials and authenticate with their organization’s identity management solution. External partner logins must be audited monthly for application use by a user account administrator to maintain company compliance. Storage of e-commerce application settings must be maintained in Azure Key Vault. E-commerce application sign-ins must be secured by using Azure App Service authentication and Azure Active Directory (AAD). Conditional access policies must be applied at the application level to protect company content The LabelMaker applications must be secured by using an AAD account that has full access to all namespaces of the Azure Kubernetes Service (AKS) cluster.LabelMaker appAzure Monitor Container Health must be used to monitor the performance of workloads that are deployed to Kubernetes environments and hosted on Azure Kubernetes Service (AKS).You must use Azure Container Registry to publish images that support the AKS deployment.

Calls to the Printer API App fail periodically due to printer communication timeouts.Printer communications timeouts occur after 10 seconds. The label printer must only receive up to 5 attempts within one minute.The order workflow fails to run upon initial deployment to Azure.Order json.Relevant portions of the app files are shown below. Line numbers are included for reference only.This JSON file contains a representation of the data for an order that includes a single item.Order .json

Hotspot QuestionYou need to ensure that you can deploy the LabelMaker application.How should you complete the CLI commands? To answer, select the appropriate options in the answer area.NOTE: Each correct selection is worth one point.

Answer:

Explanation:Box 1: groupCreate a resource group with the az group create command. An Azure resource group is a logical group in which Azure resources are deployed and managed.The following example creates a resource group named myResourceGroup in the westeurope location.az group create –name myResourceGroup –location westeuropeBox 2: CohoWinterLabelMakerUse the resource group named, which is used in the second command.Box 3: aksThe command az aks create, is used to create a new managed Kubernetes cluster.Box 4: monitoringScenario: LabelMaker appAzure Monitor Container Health must be used to monitor the performance of workloads that are deployed to Kubernetes environments and hosted on Azure Kubernetes Service (AKS).You must use Azure Container Registry to publish images that support the AKS deployment.

QUESTION 8 Case Study 2 – Coho WineryLabelMaker appCoho Winery produces bottles, and distributes a variety of wines globally. You are developer implementing highly scalable and resilient applications to support online order processing by using Azure solutions.Coho Winery has a LabelMaker application that prints labels for wine bottles. The application sends data to several printers. The application consists of five modules that run independently on virtual machines (VMs). Coho Winery plans to move the application to Azure and continue to support label creation.External partners send data to the LabelMaker application to include artwork and text for custom label designs.DataYou identify the following requirements for data management and manipulation: Order data is stored as nonrelational JSON and must be queried using Structured Query Language (SQL). Changes to the Order data must reflect immediately across all partitions. All reads to the Order data must fetch the most recent writes.You have the following security requirements: Users of Coho Winery applications must be able to provide access to documents, resources, and applications to external partners. External partners must use their own credentials and authenticate with their organization’s identity management solution. External partner logins must be audited monthly for application use by a user account administrator to maintain company compliance. Storage of e-commerce application settings must be maintained in Azure Key Vault. E-commerce application sign-ins must be secured by using Azure App Service authentication and Azure Active Directory (AAD). Conditional access policies must be applied at the application level to protect company content The LabelMaker applications must be secured by using an AAD account that has full access to all namespaces of the Azure Kubernetes Service (AKS) cluster.LabelMaker appAzure Monitor Container Health must be used to monitor the performance of workloads that are deployed to Kubernetes environments and hosted on Azure Kubernetes Service (AKS).You must use Azure Container Registry to publish images that support the AKS deployment.

Calls to the Printer API App fail periodically due to printer communication timeouts.Printer communications timeouts occur after 10 seconds. The label printer must only receive up to 5 attempts within one minute.The order workflow fails to run upon initial deployment to Azure.Order json.Relevant portions of the app files are shown below. Line numbers are included for reference only.This JSON file contains a representation of the data for an order that includes a single item.Order .json

Note: In this section you will see one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem, and you must determine whether the solution meets the stated goals. More than one solution might solve the problem. It is also possible that none of the solutions solve the problem.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.You need to meet the LabelMaker application security requirement.Solution: Place the Azure Active Directory account into an Azure AD group. Create a ClusterRoleBinding and assign it to the group.Does the solution meet the goal?

A. YesB. No

Answer: AExplanation:Scenario: The LabelMaker applications must be secured by using an AAD account that has full access to all namespaces of the Azure Kubernetes Service (AKS) cluster.Permissions can be granted within a namespace with a RoleBinding, or cluster-wide with a ClusterRoleBinding.References:https://kubernetes.io/docs/reference/access-authn-authz/rbac/

QUESTION 9Case Study 2 – Coho WineryLabelMaker appCoho Winery produces bottles, and distributes a variety of wines globally. You are developer implementing highly scalable and resilient applications to support online order processing by using Azure solutions.Coho Winery has a LabelMaker application that prints labels for wine bottles. The application sends data to several printers. The application consists of five modules that run independently on virtual machines (VMs). Coho Winery plans to move the application to Azure and continue to support label creation.External partners send data to the LabelMaker application to include artwork and text for custom label designs.DataYou identify the following requirements for data management and manipulation: Order data is stored as nonrelational JSON and must be queried using Structured Query Language (SQL). Changes to the Order data must reflect immediately across all partitions. All reads to the Order data must fetch the most recent writes.You have the following security requirements: Users of Coho Winery applications must be able to provide access to documents, resources, and applications to external partners. External partners must use their own credentials and authenticate with their organization’s identity management solution. External partner logins must be audited monthly for application use by a user account administrator to maintain company compliance. Storage of e-commerce application settings must be maintained in Azure Key Vault. E-commerce application sign-ins must be secured by using Azure App Service authentication and Azure Active Directory (AAD). Conditional access policies must be applied at the application level to protect company content The LabelMaker applications must be secured by using an AAD account that has full access to all namespaces of the Azure Kubernetes Service (AKS) cluster.LabelMaker appAzure Monitor Container Health must be used to monitor the performance of workloads that are deployed to Kubernetes environments and hosted on Azure Kubernetes Service (AKS).You must use Azure Container Registry to publish images that support the AKS deployment.

Calls to the Printer API App fail periodically due to printer communication timeouts.Printer communications timeouts occur after 10 seconds. The label printer must only receive up to 5 attempts within one minute.The order workflow fails to run upon initial deployment to Azure.Order json.Relevant portions of the app files are shown below. Line numbers are included for reference only.This JSON file contains a representation of the data for an order that includes a single item.Order .json

Note: In this section you will see one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem, and you must determine whether the solution meets the stated goals. More than one solution might solve the problem. It is also possible that none of the solutions solve the problem.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.You need to meet the LabelMaker application security requirement.Solution: Create a conditional access policy and assign it to the Azure Kubernetes Service cluster.Does the solution meet the goal?

A. YesB. No

Answer: BExplanation:Scenario: The LabelMaker applications must be secured by using an AAD account that has full access to all namespaces of the Azure Kubernetes Service (AKS) cluster.Before an Azure Active Directory account can be used with the AKS cluster, a role binding or cluster role binding needs to be created.References:https://docs.microsoft.com/en-us/azure/aks/aad-integration

QUESTION 10Case Study 2 – Coho WineryLabelMaker appCoho Winery produces bottles, and distributes a variety of wines globally. You are developer implementing highly scalable and resilient applications to support online order processing by using Azure solutions.Coho Winery has a LabelMaker application that prints labels for wine bottles. The application sends data to several printers. The application consists of five modules that run independently on virtual machines (VMs). Coho Winery plans to move the application to Azure and continue to support label creation.External partners send data to the LabelMaker application to include artwork and text for custom label designs.DataYou identify the following requirements for data management and manipulation: Order data is stored as nonrelational JSON and must be queried using Structured Query Language (SQL). Changes to the Order data must reflect immediately across all partitions. All reads to the Order data must fetch the most recent writes.You have the following security requirements: Users of Coho Winery applications must be able to provide access to documents, resources, and applications to external partners. External partners must use their own credentials and authenticate with their organization’s identity management solution. External partner logins must be audited monthly for application use by a user account administrator to maintain company compliance. Storage of e-commerce application settings must be maintained in Azure Key Vault. E-commerce application sign-ins must be secured by using Azure App Service authentication and Azure Active Directory (AAD). Conditional access policies must be applied at the application level to protect company content The LabelMaker applications must be secured by using an AAD account that has full access to all namespaces of the Azure Kubernetes Service (AKS) cluster.LabelMaker appAzure Monitor Container Health must be used to monitor the performance of workloads that are deployed to Kubernetes environments and hosted on Azure Kubernetes Service (AKS).You must use Azure Container Registry to publish images that support the AKS deployment.

Calls to the Printer API App fail periodically due to printer communication timeouts.Printer communications timeouts occur after 10 seconds. The label printer must only receive up to 5 attempts within one minute.The order workflow fails to run upon initial deployment to Azure.Order json.Relevant portions of the app files are shown below. Line numbers are included for reference only.This JSON file contains a representation of the data for an order that includes a single item.Order .json

Note: In this section you will see one or more sets of questions with the same scenario and problem. Each question presents a unique solution to the problem, and you must determine whether the solution meets the stated goals. More than one solution might solve the problem. It is also possible that none of the solutions solve the problem.After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.You need to meet the LabelMaker application security requirement.Solution: Create a RoleBinding and assign it to the Azure AD account.Does the solution meet the goal?

A. YesB. No

Answer: BExplanation:Scenario: The LabelMaker applications must be secured by using an AAD account that has full access to all namespaces of the Azure Kubernetes Service (AKS) cluster.Permissions can be granted within a namespace with a RoleBinding, or cluster-wide with a ClusterRoleBinding.References:https://kubernetes.io/docs/reference/access-authn-authz/rbac/